
Cybercrooks May Have Stolen Billions Using Brazilian "Boletos"

wiredmikey writes: Researchers with RSA have discovered a Boleto malware (Bolware) ring that compromised as many as 495,753 Boleto transactions during a two-year period. Though it is not clear whether the thieves successfully collected on all of the compromised transactions, the value of those transactions is estimated to be worth as much as $3.75 billion. A Boleto is essentially a document that allows a customer to pay an exact amount to a merchant. Anyone who owns a bank account — whether a company or an individual — can issue a Boleto associated with their bank. "The first signs of its existence appeared near the end of 2012 or early 2013, when it began to be reported in the local news media," according to the report (PDF). "The RSA Research Group analyzed version 17 of the malware, gathering data between March 2014 and June 2014. The main goal of Boleto malware is to infiltrate legitimate Boleto payments from individual consumers or companies and redirect those payments from victims to fraudster accounts."
  • I don't get it. (Score:3, Insightful)

    by Kleebner ( 533168 ) on Wednesday July 02, 2014 @10:24PM (#47373607) Homepage
    So this boleto thing... It's a check, right? I am not getting what makes it different.
  • Blame the banks (Score:5, Insightful)

    by DeKO ( 671377 ) <danielosmariNO@SPAMgmail.com> on Wednesday July 02, 2014 @10:32PM (#47373631)

    From TFA:

    In Brazil, when banking customers access their online banking site for the first time, they are often asked to install a security plugin. [...] However, the Boleto malware [...] searches for specific versions of client side security plug-ins, detects their shared libraries and patches them in real-time to dodge security.

    I've closed my account in 3 different banks for pulling this bullshit. So it turned out the "security plugin" is full of security holes; worse than that, they are educating their users that they need to install/update software every time they access their bank online, so most accept plugin installation confirmations right away.

    The fact that it attacks boletos is a minor detail, it's a traceable and reversible money transfer once suspicious activity is identified.
